package com.fjnu.controller.shiro;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import com.fjnu.controller.common.BaseController;
import com.fjnu.entities.User;
import com.fjnu.service.IUserService;

@Controller
@RequestMapping(value="/loginpage")
public class LoginController extends BaseController{
	private static Logger logger =LogManager.getLogger(LoginController.class);
	@Autowired
	private IUserService userService;
	@Autowired
	private SessionDAO sessiondao;
	@ResponseBody
	@RequestMapping(value="/login")
	//@RequiresPermissions("all")
	public Map<String,Object> Login(String idnumber,
			String password,@RequestParam(required=false) Object mark){
		logger.info("用户登录");
		if(!init(idnumber,password).get(STATUS).equals(SUCCESS))
			return getData2Result();
		/*
		//User user =new User();
		//user.setIdnumber(idnumber);
		User user2 =new User();
		user2=userService.loginFindUnique(idnumber);
		if (user2 == null) {
			return putFail("用户不存在");
		}
		if (!user2.getPassword().equals(password))
			return putFail("密码错误");
		 * 
         */
		//String passwordtwo = String.valueOf(password);
	//	Session session = sessiondao.readSession(sessionId)
		UsernamePasswordToken token = new UsernamePasswordToken(idnumber, password);
		if(null!=mark){
		token.setRememberMe(true);
		}else{
			token.setRememberMe(false);
		}
		//System.out.println(token);
        Subject subject = SecurityUtils.getSubject();
            try {
				subject.login(token);
			}catch(UnknownAccountException uae){
				putFail("用户不存在");
			}
            catch(IncorrectCredentialsException ice){
            	putFail("密码不正确");
            }
            catch (AuthenticationException a){
				putFail("登录异常");	
			} 
		User user = new User();
           user = userService.loginFindUnique(idnumber);
        //subject.getSession().setAttribute("user", user);
      //  User user = (User) subject.getSession().getAttribute("subject"); 
       // System.out.println(user.getRolesName());
         put("Role",user.getRolesName());
	//	request.getSession().setAttribute("user",user);
		return getData2Result();
	}

	@RequestMapping(value="/logout")
	@ResponseBody
	public Map<String, Object> logout() {
		logger.info("用户退出");
		if (!init().get(STATUS).equals(SUCCESS))
			return getData2Result();
		//HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
		//request.getSession().removeAttribute("user");
		//request.getSession().invalidate();
		 Subject subject =SecurityUtils.getSubject();
		if(subject.isAuthenticated()){
		 subject.logout();
		}
		return getData2Result();
	}
}
